[35860] in Kerberos

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Can't login via krb5 with "User not known to the underlying

daemon@ATHENA.MIT.EDU (=?KOI8-R?B?z8zYx8Egy9LZ1sHOz9fTy8H)
Fri Mar 14 22:15:27 2014

MIME-Version: 1.0
In-Reply-To: <CA+OH3v0dWBeoT2vgMt_x4TFf_3F3xdU6k7Y213eEuHiHq+WaYA@mail.gmail.com>
Date: Sat, 15 Mar 2014 03:15:12 +0100
Message-ID: <CA+OH3v1hyFj=pScfwjm9x4_D4xt0Prkykz=ThtHtx=C58H+NZw@mail.gmail.com>
From: =?KOI8-R?B?z8zYx8Egy9LZ1sHOz9fTy8HR?= <olga.kryzhanovska@gmail.com>
To: "<kerberos@mit.edu>" <kerberos@mit.edu>
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit

And the kdc log /var/log/krb5/krb5kdc.log gives me this error:

Mar 15 03:06:50 nexentapuzzle krb5kdc[3003](info): AS_REQ (7 etypes
{18 17 16 23 1 3 2}) 192.168.2.98: CLIENT_NOT_FOUND:
test001@NEXENTAPUZZLE.NRUBSIG.ORG for
krbtgt/NEXENTAPUZZLE.NRUBSIG.ORG@NEXENTAPUZZLE.NRUBSIG.ORG, Client not
found in Kerberos database

What does that mean?

Olga

On Sat, Mar 15, 2014 at 3:02 AM, ольга крыжановская
<olga.kryzhanovska@gmail.com> wrote:
> I am on a Suse 11.3 installation which itself runs the kdc for
> testing. There is a local account test001, for which I added a
> principal via kadmin's ank sub command, i.e. 'ank test001'.
>
> Now if I wish to log in I can't do it, and see the following error in
> /var/log/messages:
>
> Mar 15 02:29:06 nexentapuzzle login[3531]: User not known to the
> underlying authentication module
>
> Does anyone know what I am doing wrong? Should I do another kadmin
> command to setup a user, beyond the "ank" sub command?
>
> PS: yast option "Ignore Unknown Users" in "Advanced Kerberos Client
> Configuration" is "OFF", but if I toggle it to "ON" the problem
> disappears, but I think this might be wrong, or not?
>
> Olga
> --
>       ,   _                                    _   ,
>      { \/`o;====-    Olga Kryzhanovska   -====;o`\/ }
> .----'-/`-/     olga.kryzhanovska@gmail.com   \-`\-'----.
>  `'-..-| /       http://twitter.com/fleyta     \ |-..-'`
>       /\/\     Solaris/BSD//C/C++ programmer   /\/\
>       `--`                                      `--`



-- 
      ,   _                                    _   ,
     { \/`o;====-    Olga Kryzhanovska   -====;o`\/ }
.----'-/`-/     olga.kryzhanovska@gmail.com   \-`\-'----.
 `'-..-| /       http://twitter.com/fleyta     \ |-..-'`
      /\/\     Solaris/BSD//C/C++ programmer   /\/\
      `--`                                      `--`

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home	help	back	first	fref	pref	prev	next	nref	lref	last	post